Over 250 Million Email Credentials Retrieved in Data Breach, However, It May Not Be as Bad as it Seems

American cyber investigation company Hold Security has discovered a massive data breach of more than 250 million webmail accounts around the world.

The company’s founder, Alex Holden, reportedly told Reuters that:

“The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular email service, and smaller fractions of Google, Yahoo and Microsoft email users.”

The discovery was made when a researcher at Hold Security stumbled upon a young Russian hacker, known as “The Collector” boasting in an online forum about how he had stolen these records. Hold Security is a firm that attempts to recover stolen credentials from cybercriminals. Intrigued by such a large number of records, the company reached out to the hacker, and learned that the data was actually a collection of multiple breaches over time. Shockingly, they learned that the hacker only wanted 50 rubles, which is about .75 cents for the lot. The hacker stated that he just wanted to get rid of it, but he didn’t want to do it completely for free. Instead, the hacker just asked them to add likes/votes to his social media page.

Once Hold Security retrieved the collection, they began investigating the legitimacy of the records. According to their blog, after checking the 272 million records against the records they have obtained from previous incidents, only 42 million of these are ones they have never seen before. While it is still a major security breach, it appears that a bulk of it may be older, recycled information from previous data breaches. Hold Security is still investigating the new records that have been found, and will be “distributed to companies and individuals who can secure their systems against abuse.”

While stolen email account credentials may seem like small potatoes, they are actually extremely useful to cybercriminals, for many reasons. Once cybercriminals can access your email account, this can give them access to scamming your friends, family, or any other email contacts, including companies you do business with.

In addition to scamming people in your address book, they can also siphon important personal data, allowing them to commit identity theft.

As well as stealing data and scamming friends, they also have the ability to break into other online accounts, such as financial accounts that are associated with the email account by attempting password resets.

If you think you may have been compromised in this breach, you should do the following immediately:

If you have any other accounts that share the same password as your email account, change those immediately as well. Additionally, this is a practice that cybercriminals rely on to try to break into other accounts you may own.

Consider using two-factor authentication on any accounts that offer it. Two-factor authentication (2FA) usually works by providing you with a special code most commonly sent by a text to your phone every time you login, in addition to your regular password.

Since this contains data from older data breaches, that information may start recirculating the web again. It may take weeks to months to know if you have been breached, as the criminals may hold the data for a long amount of time in order to evade detection. So if you haven’t changed your password in a few months, it’s best to be safe rather than sorry and change those passwords now.

About the Author

I began my career in the computer hardware industry as an Apple Genius, which allowed me to gain a vast knowledge of consumer technology and issues. At Norton, I am able to integrate my passion for technology and my passion for helping educate consumers about the evolving Internet threat landscape.